Team for Research in
Ubiquitous Secure Technology

TRUST Annual Report 2009-2010
Faculty and Staff

Citation
Faculty and Staff. "TRUST Annual Report 2009-2010". Unpublished article, May, 2010.

Abstract
The Team for Research in Ubiquitous Security Technology (TRUST) was created in response to a growing sense of urgency in dealing with all aspects of cyber security as it affects society. The role and penetration of computing systems and networks in our societal infrastructure continues to grow and their importance to societal safety and the security has never been greater. Beyond mere connection to the internet and access to global resources, information systems form the backbone of our nation's financial services and electronic commerce, are used for controlling critical infrastructures such as power, water, and telecommunications, and enable the rapid evolution in healthcare toward enhanced services increasingly supported by the digital storage of and instant access to patient health and medical data. That said, many such computing and control systems remain untrustworthy. Waves of viruses and worms sweep the Internet and exhibit increasing virulence and rate of speed that is also directly proportional to their growing ease of deployment. Issues affecting privacy are poorly understood and, when they are understood, are often not sufficiently addressed in system design and development. Security is generally inadequate, and some speak of a "market failure" in the domain. Broader issues of software usability, reliability and correctness remain challenging. Industry stakeholders are unable to recruit new employees adequately trained in these technologies. Society is placing computers into critical roles, although they do not meet the requirements of trust.

TRUST is composed of several universities that have joined forces to organize a multifaceted response to these issues. TRUST represents the strongest and most diverse engagement in the area of trusted systems ever assembled. TRUST recognized the breadth of the problems and has combined fundamental science with a broader multidisciplinary focus on economic, social, and legal considerations as well as a substantial education mission. TRUST is enabling dialog with stakeholders whose needs simply cannot be approached in a narrower and purely technical manner or by any single research group. As such, TRUST acts as an intermediary between policy makers and society at large on the one hand, and researchers, academics, and industrial providers of services and technology on the other. TRUST seeks to achieve its mission through research as well as a global policy for engaging in education of society as a whole. This annual report of TRUST details the experience of the Center along many dimensions—research, education, diversity, and knowledge transfer.

In research, TRUST has achieved success along several fronts and is addressing fundamental scientific and technological problems and advancing the state-of-the-art in a number of areas: security and privacy issues associated with the rapidly increasing use of electronic media for the archival and access of patient medical records; web authentication, end-user privacy, next-generation browser security, malware detection, and improved system forensic techniques to combat online attacks; application defenses for network-level intrusions and attacks including compromised and malfunctioning legacy applications, viruses, worms, and spyware; incentives for research, investment, policies, and procedures for technology that enhance system security, privacy, and trustworthiness; secure embedded sensor networks for large-scale applications critical to the nation’s economy, energy, security, and health; and techniques that ensure trustworthy computing by securing hardware, improving software robustness, and increasing the survivability of critical systems.

In education, TRUST is leveraging an existing learning technology infrastructure to quickly enable TRUST courseware and material to be assembled, deposited in a repository, and adapted for wide web-based content dissemination. In addition to developing special courses for undergraduate and graduate curricula, and regular seminars and webcasts, TRUST has hosted a series of workshops on sensor networks, privacy, identity theft, and electronic medical records. A major thrust recently has been focused on increasing content in the TRUST Academy Online (TAO) and continuing the redesign of the TAO portal.

In diversity, TRUST has an ambitious goal of reaching a diversity goal across the Center of 30% women and 10% from underrepresented minorities. The Center has been very proactive in this regard and expanded several programs for enhancing diversity and broadening the participation of women and underrepresented minorities.

In knowledge transfer, TRUST has continued a robust program of technology transition with industry (from reporting security vulnerabilities to software vendors to various consulting activities) and active engagement with governmental agencies such as the Department of Homeland Security (DHS), the Air Force Office of Scientific Research (AFOSR), the Department of Defense (DoD), and the Department of Energy (DoE) which are all concerned with issues of cybersecurity and trustworthiness. Recently, this has been expanded to include key constituents in the financial sector, in particular through dialogue and exchange of ideas with the Financial Services Technology Consortium (FSTC). TRUST also has an active set of industrial partners with whom we are engaging in research and development collaborations of mutual interest.

Overall, we are happy to report that the Center is making excellent progress towards its goals, its participants are actively engaged, and the outlook is positive.

Electronic downloads

Citation formats  
  • HTML
      Faculty and Staff. <a
    href="http://www.truststc.org/pubs/755.html"
    ><i>TRUST Annual Report
    2009-2010</i></a>, Unpublished article,  May,
    2010.
  • Plain text
      Faculty and Staff. "TRUST Annual Report
    2009-2010". Unpublished article,  May, 2010.
  • BibTeX
    @unpublished{FacultyandStaff10_TRUSTAnnualReport20092010,
        author = {  Faculty and Staff},
        title = {TRUST Annual Report 2009-2010},
        month = {May},
        year = {2010},
        abstract = {The Team for Research in Ubiquitous Security
                  Technology (TRUST) was created in response to a
                  growing sense of urgency in dealing with all
                  aspects of cyber security as it affects society.
                  The role and penetration of computing systems and
                  networks in our societal infrastructure continues
                  to grow and their importance to societal safety
                  and the security has never been greater. Beyond
                  mere connection to the internet and access to
                  global resources, information systems form the
                  backbone of our nation's financial services and
                  electronic commerce, are used for controlling
                  critical infrastructures such as power, water, and
                  telecommunications, and enable the rapid evolution
                  in healthcare toward enhanced services
                  increasingly supported by the digital storage of
                  and instant access to patient health and medical
                  data. That said, many such computing and control
                  systems remain untrustworthy. Waves of viruses and
                  worms sweep the Internet and exhibit increasing
                  virulence and rate of speed that is also directly
                  proportional to their growing ease of deployment.
                  Issues affecting privacy are poorly understood
                  and, when they are understood, are often not
                  sufficiently addressed in system design and
                  development. Security is generally inadequate, and
                  some speak of a "market failure" in the domain.
                  Broader issues of software usability, reliability
                  and correctness remain challenging. Industry
                  stakeholders are unable to recruit new employees
                  adequately trained in these technologies. Society
                  is placing computers into critical roles, although
                  they do not meet the requirements of trust.
                  <p>TRUST is composed of several universities that
                  have joined forces to organize a multifaceted
                  response to these issues. TRUST represents the
                  strongest and most diverse engagement in the area
                  of trusted systems ever assembled. TRUST
                  recognized the breadth of the problems and has
                  combined fundamental science with a broader
                  multidisciplinary focus on economic, social, and
                  legal considerations as well as a substantial
                  education mission. TRUST is enabling dialog with
                  stakeholders whose needs simply cannot be
                  approached in a narrower and purely technical
                  manner or by any single research group. As such,
                  TRUST acts as an intermediary between policy
                  makers and society at large on the one hand, and
                  researchers, academics, and industrial providers
                  of services and technology on the other. TRUST
                  seeks to achieve its mission through research as
                  well as a global policy for engaging in education
                  of society as a whole. This annual report of TRUST
                  details the experience of the Center along many
                  dimensions—research, education, diversity, and
                  knowledge transfer. <p>In research, TRUST has
                  achieved success along several fronts and is
                  addressing fundamental scientific and
                  technological problems and advancing the
                  state-of-the-art in a number of areas: security
                  and privacy issues associated with the rapidly
                  increasing use of electronic media for the
                  archival and access of patient medical records;
                  web authentication, end-user privacy,
                  next-generation browser security, malware
                  detection, and improved system forensic techniques
                  to combat online attacks; application defenses for
                  network-level intrusions and attacks including
                  compromised and malfunctioning legacy
                  applications, viruses, worms, and spyware;
                  incentives for research, investment, policies, and
                  procedures for technology that enhance system
                  security, privacy, and trustworthiness; secure
                  embedded sensor networks for large-scale
                  applications critical to the nation’s economy,
                  energy, security, and health; and techniques that
                  ensure trustworthy computing by securing hardware,
                  improving software robustness, and increasing the
                  survivability of critical systems. <p>In
                  education, TRUST is leveraging an existing
                  learning technology infrastructure to quickly
                  enable TRUST courseware and material to be
                  assembled, deposited in a repository, and adapted
                  for wide web-based content dissemination. In
                  addition to developing special courses for
                  undergraduate and graduate curricula, and regular
                  seminars and webcasts, TRUST has hosted a series
                  of workshops on sensor networks, privacy, identity
                  theft, and electronic medical records. A major
                  thrust recently has been focused on increasing
                  content in the TRUST Academy Online (TAO) and
                  continuing the redesign of the TAO portal. <p>In
                  diversity, TRUST has an ambitious goal of reaching
                  a diversity goal across the Center of 30% women
                  and 10% from underrepresented minorities. The
                  Center has been very proactive in this regard and
                  expanded several programs for enhancing diversity
                  and broadening the participation of women and
                  underrepresented minorities. <p>In knowledge
                  transfer, TRUST has continued a robust program of
                  technology transition with industry (from
                  reporting security vulnerabilities to software
                  vendors to various consulting activities) and
                  active engagement with governmental agencies such
                  as the Department of Homeland Security (DHS), the
                  Air Force Office of Scientific Research (AFOSR),
                  the Department of Defense (DoD), and the
                  Department of Energy (DoE) which are all concerned
                  with issues of cybersecurity and trustworthiness.
                  Recently, this has been expanded to include key
                  constituents in the financial sector, in
                  particular through dialogue and exchange of ideas
                  with the Financial Services Technology Consortium
                  (FSTC). TRUST also has an active set of industrial
                  partners with whom we are engaging in research and
                  development collaborations of mutual interest.
                  <p>Overall, we are happy to report that the Center
                  is making excellent progress towards its goals,
                  its participants are actively engaged, and the
                  outlook is positive.},
        URL = {http://www.truststc.org/pubs/755.html}
    }
    

Posted by Larry Rohrbough on 4 Oct 2010.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.